Summary
Join VerSprite as a Penetration Tester / Offensive Security Consultant and contribute to the company's mission of helping organizations tighten their risk-gaps with evolved security solutions and advanced threat intel tools. As a key member of the team, you will perform web and network pentests, analyze vulnerabilities, and deliver clear reporting. With a competitive compensation package and opportunities for career growth, this role is ideal for an ethical hacker looking to turn their early experience into a long-term career.
Requirements
- Solid fundamentals in Web (Apps/Services/APIs) and network pentesting (2+ years)
- Experience with Social Engineering through Phishing Campaigns, Source Code Analysis, Cloud environments and Auditing Smart Contracts definitely a great bonus
- Solid understanding of common webapp vulnerabilities, exploitation techniques, and remediation options
- Solid foundation on network protocols (HTTP, SSH, SMTP, etc) and their typical security issues
- Solid knowledge of common security concepts (crypto, AAA, AD security, SSO, OS Security, etc.) and practical offensive techniques (SSH tunneling, pivoting, OSCP equivalent knowledge)
- Proficient in developing in at least two languages, ideally one Web and one Scripting: Python, Ruby, Swift, Golang, C/C++, .NET, PHP, JS, BASH, etc
- Passion for learning new technologies and processes, and contributing to refining existing capabilities
- Experience developing custom scripts or tools to enhance penetration testing and improve automation of repetitive tasks
- Work well under pressure and in a fast pace environment
Responsibilities
- Perform Web (Apps/Services/APIs) and Network (Internal/External/Cloud) Pentests
- Elaborate and properly document proof-of-concepts for real-world exploitation scenarios of the discovered vulnerabilities with enough details so they can be easily reproduced
- Analyze vulnerabilities and deliver clear and coherent written reporting
- Provide clients the technical risk associated to all findings reported while recognizing their true business impact
- Support all reported vulnerabilities with their remediation guidance
- Collaborate with other team members (Test Lead, Team Lead and fellow consultants) on penetration tests and red teaming engagements
- Execute projects according to the alignments defined by the rules of engagements and complete them within defined deadlines as required
- Continuously learning and staying up-to-date with the latest attack techniques, tools, methodologies
Benefits
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that’s right for you; and
- A collaborative environment where everyone works together to create a better working world
